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~ The MAILING DATE of this communication appears on the cover sheet with the correspondence address- 

All claims being allowable, PROSECUTION ON THE MERITS IS (OR REMAINS) CLOSED in this application. If not included 
herewith (or previously mailed), a Notice of Allowance (PTOL-85) or other appropriate communication will be mailed in due course. THIS 
NOTICE OF ALLOWABILITY IS NOT A GRANT OF PATENT RIGHTS. This application is subject to withdrawal from issue at the initiative 
of the Office or upon petition by the applicant. See 37 CFR 1.313 and MPEP 1308. 

1 . This communication is responsive to the RCE filed on 10/30/09 . 

2. The allowed claim(s) is/are 1-6,8-13,15-19,21 and 22 . 
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International Bureau (PCT Rule 17.2(a)). 
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Paper No./Mail Date . 
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each sheet. Replacement sheet(s) should be labeled as such in the header according to 37 CFR 1.121(d). 
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attached Examiner's comment regarding REQUIREMENT FOR THE DEPOSIT OF BIOLOGICAL MATERIAL. 



Attachment(s) 






1 . ^ Notice of References Cited (PTO-892) 


5 


□ Notice of Informal Patent Application 


2. □ Notice of Draftperson's Patent Drawing Review (PTO-948) 


6 


□ Interview Summary (PTO-413), 






Paper No./Mail Date . 


3. □ Information Disclosure Statements (PTO/SB/08), 


7. 


^ Examiner's Amendment/Comment 


Paper No./Mail Date 






4. □ Examiner's Comment Regarding Requirement for Deposit 


8 


□ Examiner's Statement of Reasons for Allowance 


of Biological Material 








9 


□ Other . 



/Minh Dinh/ 

Primary Examiner, Art Unit 2432 



U.S. Patent and Trademark Office 

PTOL-37 (Rev. 08-06) 



Notice of Allowability 



Part of Paper No./Mail Date 20091 106 



Application/Control Number: 10/677,049 Page 2 

Art Unit: 2432 

EXAMINER'S AMENDMENT 

1 . An examiner's amendment to the record appears below. Should the changes 
and/or additions be unacceptable to applicant, an amendment may be filed as provided 
by 37 CFR 1 .312. To ensure consideration of such an amendment, it MUST be 
submitted no later than the payment of the issue fee. 

Authorization for this examiner's amendment was given in a telephone interview 
with Salvador M. Bezos on 1 1/06/09. 

The claims have been amended as follows: 
1. A computer - implemented method for limiting access to an electronic document, 
comprising: 

associating , by one or more computing devices, a classifier with a first state of a process- 
driven security policy having a plurality of states, with each of the states having a different set of 
access restrictions; 

associatin g, by the one or more computing devices, an identifier representing a user or a 
group of users with the first state of the process-driven security policy; 

associatin g, by the one or more computing devices, the electronic document with at least 
the first state of the process-driven security policy having a set of to impose access restrictions 
on an the electronic document , the access restrictions comprising ; 

limiting access to the electronic document by encryptin g, by the one or more computing 
devices, at least a portion of the electronic document using a group key corresponding to the 
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identifier and a state key corresponding to the classifier and requiring at least both the group key 
and the state key to decrypt at least the portion of the electronic document; and 

changing , by the one or more computing devices, the state of the process-driven security 
policy for the electronic document automatically without user or administrator interaction from 
the first state to a second state in response to an internal or external system event, wherein the 
changed state is based on a transition rule associated with the event. 

6. A computer - implemented method for imposing access restrictions on an electronic 
document, comprising: 

associatin g, by one or more computing devices, an electronic document with at least a 
first state of a plurality of states of a process-driven security policy, the first state associated with 
a classifier and with an identifier representing a user or a group of users, each of the states 
having a different set of access restrictions; 

imposing the set of access restrictions associated with the first state on the electronic 
document , the access restrictions comprising by encryptin g, by the one or more computing 
devices, at least a portion of the electronic document using a group key corresponding to the 
identifier and a state key corresponding to the classifier and requiring at least both the group key 
and the state key to decrypt at least the portion of the electronic document; and 

changing , by the one or more computing devices, the state of the process-driven security 
policy for the electronic document automatically without user or administrator interaction from 
the first state to a second state in response to an internal or external system event, wherein the 
changed state is based on a transition rule associated with the event. 
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13. A tangible computer-readable medium having stored thereon computer-executable 
instructions that, if executed by a computing device, cause the computing device to perform a 
method for imposing access restrictions on an electronic document, the method comprising: 

associating an electronic document with at least a first state of a plurality of states of a 
process-driven security policy, the first state associated with a classifier and with an identifier 
representing a user or a group of users, each of the states having a different set of access 
restrictions; 

imposing the set of access restrictions associated with the first state on the electronic 
document , the access restrictions comprising by encrypting at least a portion of the electronic 
document using a group key corresponding to the identifier and a state key corresponding to the 
classifier and requiring at least both the group key and the state key to decrypt at least the portion 
of the electronic document; and 

changing the state of the process-driven security policy for the electronic document 
automatically without user or administrator interaction from the first state to a second state in 
response to an internal or external system event, wherein the changed state is based on a 
transition rule associated with the event. 

15. The tangible computer-readable medium as recited in claim 13, wherein the event is a 
user-triggered event. 

16. The tangible computer-readable medium as recited in claim 13, wherein the event occurs 
at or is received at the client machine. 
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17. The tangible computer-readable medium as recited in claim 13, wherein the electronic 
document includes security information, and the security information includes at least an 
indication of the state of the process-driven security policy for the electronic document. 

18. The tangible computer-readable medium as recited in claim 13, wherein the process- 
driven security policy is imposed on a plurality of documents on a document-by-document basis. 

19. The tangible computer- readable medium as recited in claim 13, wherein at the client 
machine, each of a plurality of electronic documents is in one of the states of the process-driven 
security policy. 
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